<?php 
header("Content-Type:text/html;charset=utf-8");
include 'includes/init.php';
include_once 'includes/upload.class.php';
error_reporting(E_ERROR | E_PARSE);
session_start();

$id=isset($_SESSION['id'])?$_SESSION['id']:'';
$nphone = isset($_SESSION['phone']) ? $_SESSION['phone'] : '';
$uesrname = isset($_SESSION['uesrname']) ? $_SESSION['uesrname'] : '';

$time = time();

// 用户所属项目
$sql = "select distinct p.project from t_member as m, t_product as p, t_bid as b where ( p.nphone = '".$nphone."' and p.type = b.btype and b.mid = m.id and p.mifeng = 0 ) or ( p.mifeng = 1 and p.lasttime < ".$time."  and p.nphone = '".$nphone."' and p.type = b.btype and b.mid = m.id ) ORDER BY p.type asc, b.price asc  ";

$project = $db_Obj ->getall($sql);
// 审价信息
if(!empty($_POST['product'])){
    error_log('step 1');
    $product = $_POST['product'];
    // file_name
    $tarr = array(
	 		'filepath'=>'upload',
	 		'maxsize'=>'100',
	 		'allowmime'=>array(
				'image/jpeg',
                'image/jpg',
                'image/pjpeg',
                'image/gif',
                'image/png',
                'image/x-png',
                'application/msexcel',
                'application/vnd.ms-excel',
                'application/msword',
                'application/pdf',
                'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
                'text/plain',
            ),
            'israndname'=>'1',
        );

	$upObj = new fileup($tarr); 
	// file_name
 	$file_name = $upObj->up('file_name');
 	// var_dump($file_name);die;
 	if ($file_name == '') { // 若文件名为空则输出错误信息
 		echo "<script>alert('文件未上传.');</script>";
 		// echo 'msg= '.$upObj->geterror();
 	}
 	 // 备注
    $note = $_POST['note'];

    foreach ($product as $key => $value) {

        $datas = explode("&", $value);
        $pro = $datas[0];
        $keyid = $datas[1];
        
        $sql = "SELECT
                m.company_data,
                p.mid,
                p.project,
                p.lasttime,
                p.status,
                p.price_type,
                p.material,
            	p.purchase,
            	p.plant,
                p.extranum,
                p.units,
            	p.currency,
            	p.purchase_type,
                b.price,
                b.btype,
                b.bsize,
                b.delivery,
                b.MOQ,
                b.MPQ,
                b.bnumber,
                b.rate,
                b.id
            FROM
                t_bid AS b,
                t_member AS m,
                t_product AS p
            WHERE
               (
            		p.mifeng = 0 
            		AND p.project = '".$pro."'
            		AND b.mid = m.id
            		AND p.type = b.btype
            	)
            OR (
            	p.mifeng = 1
            	AND p.lasttime < ".$time."
            	AND p.project = '".$pro."'
            	AND b.mid = m.id
            	AND p.type = b.btype
            )	
            ORDER BY p.type asc, b.price asc
            ";

        //查询待审批人员列表
        $check_sql = "select member from t_check_member";
        $member_list = $db_Obj->getone($check_sql);
        $check_member_list = explode(';',$member_list['member']);
        array_pop($check_member_list);

        $check = $member_list['member'];

        $code = md5(time());
        error_log('step 2 select sql: '.$sql);
        $result = $db_Obj->getall($sql);
        foreach ($result as $k_res => $v_res) {
            if($keyid == $k_res){
                $v_res['note'] = $note;       
                $v_res['names'] = $uesrname;       
                $v_res['file_name'] = $file_name;  
                $v_res['symbol'] = rand(1,999999999);
                $v_res['progress'] =  "$check_member_list[0]";
                $v_res['createtime'] =  time();
                $v_res['code'] =  $code;
                $v_res['bid_id'] =  $v_res['id'];
                $v_res['check_member'] = $check;
                unset($v_res['id']);
                // 写入数据库
                $write = $db_Obj->insert("t_examine",$v_res);
                if($v_res != true){
                	echo "添加失败";die;
                }
            }
        }
    }
    echo "<script>alert('OK!')</script>";
}

// 项目筛选
if(!empty($_POST['project'])){
    error_log('step 2');
	$pro = empty($_POST['project']) ? '' : $_POST['project'];
    $sql = "SELECT
    m.company_name,
    m.company_data,
    p.mid,
    p.nphone,
    p.project,
    p.status,
    p.price_type,	
    p.lasttime,
    p.units,
    p.currency,
    p.number,
    p.material,
	p.purchase,
	p.plant,
	p.extranum,
	p.mifeng,
	p.pid,
    p.validtime,
    p.invalidtime,
    p.purchase_type,
    b.price,
    b.btype,
    b.bsize,
    b.delivery,
    b.MOQ,
    b.MPQ,
    b.createtime,
    b.bnumber,
    b.rate
FROM
    t_bid AS b,
    t_member AS m,
    t_product AS p
WHERE
(
		p.mifeng = 0 
		AND p.project = '".$pro."'
		AND b.mid = m.id
		AND p.type = b.btype
	)
OR (
	p.mifeng = 1
	AND p.lasttime < ".$time."
	AND p.project = '".$pro."'
	AND b.mid = m.id
	AND p.type = b.btype
)	
ORDER BY p.type asc, b.price asc";
    error_log('step 2 sql: '.$sql);
	$infoAll = $db_Obj->getall($sql);
}

// ajax 

if(!empty($_POST['v']) && !empty($_POST['p_pid']) ){
    error_log('step 3');
	$v_extranum = $_POST['v'];
	$p_pid = $_POST['p_pid'];
	$array = array('extranum'=>$v_extranum);
	$query = $db_Obj->update('t_product', $array, 'pid='.$p_pid );
}	



include 'examine.html';
?>